System administrators use scripts to automate tasks. Many of these scripts accept input from an outside source. When they do, the input should be validated before the script uses it in further processing. However, it is nearly impossible to enforce this type of validation. In addition, malicious individuals are continually seeking new ways to exploit overlooked vulnerabilities within scripts. Known vulnerabilities include overrunning buffers, inserting unexpected text or code in the input, inserting unexpected code for execution, and the like.
The Perl language provides a security feature directed at minimizing the risks associated with input data collected from web forms. This security feature is commonly referred to as “taint”. The taint feature is enabled through a switch on the command line. When the taint feature is enabled, user input, file input, and environment variables are specifically marked as tainted (i.e., potentially unsafe). In addition, any attempt to use tainted data to affect the outside world is blocked and causes the program to abort. To untaint a tainted variable, the variable is run through a regular expression that is set to match any possible legal value the string might have.
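As an added illustration of the Perl taint behaviour described above (this code is not part of the original text): constructed file input is blocked at a `system` call until a regular-expression capture untaints it, and a catch-all pattern is shown removing the taint without validating anything. The helper names, the `.log` file-name rule and the use of `/bin/echo` are assumptions made for the example; run it with `perl -T`.

```perl
#!/usr/bin/perl -T
# Added example, not from the original text. Run as: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "taint mode is off; run with perl -T\n" unless ${^TAINT};
$| = 1;    # keep our output in order with the child's output

# Environment variables are tainted too, so pin the ones a child process uses.
$ENV{PATH} = '/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Hypothetical sink: anything that reaches outside the program.
sub process_file {
    my ($name) = @_;
    return system('/bin/echo', 'processing', $name) == 0;
}

# Strict pattern: only the assumed legal values; the capture is untainted.
sub untaint_strict {
    my ($raw) = @_;
    return $raw =~ /\A([A-Za-z0-9_-]{1,32}\.log)\z/ ? $1 : undef;
}

# Anti-pattern: matches everything, so it launders taint without validating.
sub untaint_lax {
    my ($raw) = @_;
    return $raw =~ /\A(.*)\z/s ? $1 : undef;
}

# Constructed sample lines follow __DATA__; file input arrives tainted.
while (my $raw = <DATA>) {
    chomp $raw;
    printf "%-20s tainted=%d\n", "'$raw'", tainted($raw) ? 1 : 0;

    eval { process_file($raw); 1 }
        or print "  raw use blocked: $@";    # Insecure dependency in system

    my $strict = untaint_strict($raw);
    if (defined $strict) { process_file($strict) }
    else                 { print "  strict pattern rejected the value\n" }

    my $lax = untaint_lax($raw);
    print "  lax pattern result: tainted=", (tainted($lax) ? 1 : 0), "\n";
}

__DATA__
backup.log
backup.log; id
```

The second sample line is rejected by the strict pattern but comes out of the catch-all pattern marked clean, which is why the untainting expression has to describe the legal values rather than merely match.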
While Perl's taint option helps create more secure programs in specific situations, a more pervasive and more comprehensive taint mechanism is needed that handles various scripting situations.